cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Set a referrer policy

Browse source
This commit is contained in:
Tom Hughes 2021-06-04 21:49:53 +01:00
parent 3b32753141
commit 29032847d9
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
config/initializers/secure_headers.rb
View file

@ -28,6 +28,7 @@ csp_policy[:report_uri] << Settings.csp_report_url if Settings.key?(:csp_report_
SecureHeaders::Configuration.default do |config|
config.hsts = SecureHeaders::OPT_OUT
config.referrer_policy = "strict-origin-when-cross-origin"
if Settings.csp_enforce
config.csp = csp_policy